Check for Specified Minimum and Maximum Value Violations
During a design error detection analysis, the software checks the specified minimum and maximum values on intermediate signals throughout the model and on the output ports. These values define the design ranges.
The analysis checks for specified minimum and maximum values on:
Simulink® block outputs, with the exception of the limitations described in the next section
Simulink.SignalobjectsStateflow® data objects
MATLAB® for code generation data objects
Global data store writes
If the analysis detects that a signal exceeds the design range, the results identify where in the model the errors occurred. In addition, you can generate a harness model that contains test cases that demonstrate how the error occurred.
Limitations of Checking Specified Minimum and Maximum Value Violations
To analyze a model checking if specified minimum and maximum values are exceeded, select Specified minimum and maximum value violations under Signal Range Errors in Design Error Detection pane.
The software cannot check minimum and maximum values specified on:
Any Mux block with an output connected to a Selector block
Merge block inputs
To work around this limitation, use a
Simulink.Signalobject on the Merge block output and specify the range on theSimulink.Signalobject.
Note
For information about how a Simulink Design Verifier™ analysis handles specified minimum and maximum values on input ports, see Minimum and Maximum Input Constraints.
About This Example
In this section, you create and analyze a model that has specified design minimum and maximum values on:
The input ports
The output ports of two of the intermediate blocks
The design error detection analysis identifies blocks where the output values exceed the design range. If the analysis detects this error, this example demonstrates how the analysis uses the specified minimum and maximum values when continuing the analysis.
Create the Example Model
Create the model for this example:
In the MATLAB toolstrip, on the Home tab, select New > Simulink Model.
From the Simulink Commonly Used Blocks library, add the following blocks to the model and assign the indicated parameter values.
Block Tab Parameter Value Inport Signal Attributes Minimum 0Inport Signal Attributes Maximum 5Gain Main Gain 5Gain Signal Attributes Output minimum 0Gain Signal Attributes Output maximum 20Gain Signal Attributes Output data type int16Saturation Main Upper limit 25Saturation Main Lower limit -25Saturation Signal Attributes Output minimum -25Saturation Signal Attributes Output maximum 25Outport No changes Connect the four blocks as shown.
To display the specified minimum and maximum values, on the Debug tab, select Information Overlays > Signal Data Ranges.
On the Modeling tab, click Model Settings.
In the Configuration Parameters dialog box, on the Solver pane, under Solver selection:
Set Type to
Fixed-step.The Simulink Design Verifier software does not support variable-step solvers.
Set Solver to
discrete (no continuous states).
On the Design Verifier pane, set Mode to
Design error detection.On the Design Verifier > Design Error Detection pane:
Select Specified minimum and maximum value violations.
Clear the Integer overflow and Division by zero parameters.
In this example, you check only for intermediate minimum and maximum violations.
To save these settings and exit the Configuration Parameters dialog box, click OK.
Save the model and name it
ex_interim_minmax.
Analyze the Model
To analyze the example model to identify any intermediate signals that violate the specified minimum and maximum values, perform design error detection analysis.
On the Design Verifier tab, click Detect Design Errors.
After the analysis is complete:
The software highlights the model with the analysis results.
The Simulink Design Verifier Results dialog box opens and displays a summary of the analysis.
Review the Analysis Results
Review Results on the Model
In the model window, the Gain block is colored red and the Saturation block is colored green. This indicates that:
At least one objective associated with the Gain block was falsified. For this example, the analysis falsified exactly one objective.
All objectives associated with the Saturation block were satisfied. For this example, the analysis satisfied exactly one objective.
To understand these results:
Click the Gain block.
The Simulink Design Verifier Results window shows that the design range for the output was [0..20], but the analysis detected an error and generated a test case that demonstrates that error. Because the design range for the input block is [0..5], when the input to the Gain block is 5, the output is 25, which exceeds the specified maximum value on that port.
The analysis computes and displays the derived range to help you understand how the design range was exceeded.
Click the Saturation block.
The Simulink Design Verifier Results window shows that the output of the Saturation block never exceeded the design range [–25..25]. The input to the Saturation block never exceeded [0..25], which is the derived range that the analysis propagated from the Gain block.
Review the Harness Model
When the analysis completes, you can create a harness model that contains the test cases that result in errors.
For the example model, view the test case that caused the design range error in the Gain block:
After the analysis completes and the model is highlighted, select the Gain block.
In the Simulink Design Verifier Results window, click View counterexample.
The software creates a harness model named
ex_interim_minmax_harnessand opens the Signal Editor block in the harness model that contains the counterexample.In the Signal Editor block, one test case, whose signal value is
5, caused the output of the Gain block to be25, which exceeds the specified maximum of20.Before you simulate this test case, in the Configuration Parameters dialog box, on the Diagnostics > Data Validity pane, set Simulation range checking to
warningorerror.Setting this parameter specifies the diagnostic action to take if Simulink detects signals that exceed specified minimum or maximum values during simulation.
If you specify
warning, the Diagnostic Viewer displays a warning message and continues.If you specify
error, the Diagnostic Viewer displays an error message and stops.
Click OK to save your change and close the Configuration Parameters dialog box.
In the toolstrip for the harness model, click Run all to simulate the model with this counterexample.
As expected, the simulation displays a warning or error in the MATLAB window that the output value of the Gain block exceeds the specified maximum.
Review the Analysis Report
You can also generate an HTML report containing detailed information about the analysis for
the ex_interim_minmax model. To create this report, in the
Simulink
Design Verifier Results window, click HTML. The analysis
report opens in a browser.
In the analysis report, the Design Error Detection Objectives Status chapter of the report provides detailed results in two categories:
Objectives Proven Valid — The output values for the Saturation block are always within the design range.
Objectives Falsified with Test Cases — The output values for the Gain block violated the design range.
You can also select a web site from the following list
Americas
- América Latina (Español)
- Canada (English)
- United States (English)
Europe
- Belgium (English)
- Denmark (English)
- Deutschland (Deutsch)
- España (Español)
- Finland (English)
- France (Français)
- Ireland (English)
- Italia (Italiano)
- Luxembourg (English)
- Netherlands (English)
- Norway (English)
- Österreich (Deutsch)
- Portugal (English)
- Sweden (English)
- Switzerland
- United Kingdom (English)
Asia Pacific
- Australia (English)
- India (English)
- New Zealand (English)
- 中国
- 日本Japanese (日本語)
- 한국Korean (한국어)